Note: This article was filed by a paid contributor to Xerox Corporation.
Small to medium-sized businesses (SMB) are recognizing how complex the security threat landscape is, and how costly it is to protect devices, data and networks. SMBs hold a wealth of data but may not realize how severe the consequences could be if it fell into the wrong hands. Although many may believe they are under the radar, most small and medium businesses can be attractive hacker targets as often their security is not on a par with enterprise defenses. The misconception that they are not at risk is leaving businesses vulnerable to losing valuable data and suffering both financial and reputational damage. According to the Ponemon Institute, 50% of SMBs experienced data breaches in the past 12 months. One area which demands more strategic attention, is the printing environment.
Although the majority of small and mid-size businesses remain reliant on printing to support core business activities, print security is rarely a top priority for SMBs, with many often overlooking the security vulnerabilities of today’s advanced multifunction printers (MFPs). While many safeguard their desktops, laptops and servers from external and internal threats, few pay the same strategic attention to protecting the print environment. Businesses may struggle to deploy comprehensive print security solutions due to a lack of skills and knowledge. Yet small and mid-size businesses cannot afford to be complacent.
While multifunction printers have brought convenience and improved productivity to the workplace, left unprotected, they can pose a range of security risks. Confidential or sensitive material can easily fall into the wrong hands when documents are left uncollected in output trays. And this is just the tip of the iceberg – today’s MFPs are intelligent networked devices which can act as an open door to the network if left unprotected. Reports of MFPs being hacked through open ports is becoming more common and demonstrates the need to ensure devices are protected from unauthorized access.
Fortunately, there are simple and effective ways of minimizing the risks of an unsecured print environment. SMBs require fast, cost-effective print security measures and solutions that are easy to manage. The emergence of cloud-based print security tools is emerging as a cost-effective and flexible model for SMEs to access enterprise class print security tools.
There are some simple steps that SMBs can take to protect their print environment. By taking guidance from a third-party expert such as a managed print service (MPS) provider, SMBs can gain access to a range of services and tools which can be adapted and expanded as business needs change.
Conduct a security assessment
For larger SMBs with a diverse printer fleet, it is advisable to use a third party provider to assess device, fleet and enterprise document security. This can evaluate all points of vulnerability across the fleet and provide a tailored security plan, for devices, user access and end of life/disposal. Managed print service (MPS) providers commonly offer this as part of their assessment services.
Protect the device
Many MFPs come as standard with hard drive encryption and data overwrite features. Most also offer lockable and removable hard drives. Data overwriting ensures that the hard drive is clear of readable data when the device is disposed of. It works by overwriting the actual data with random and numerical characters. Residual data can be completely erased when the encrypted device and the hard disk drive are removed from the MFP device. Meanwhile to ensure that MFPs do not provide open access to the network, open ports should be closed. Also, the automatic firmware and software updates should be in place to address new ensures device security vulnerabilities.
Secure the network
MFP devices can make use of several protocols and communication methods to improve security. The most common way of encrypting print jobs is SSL (secure socket layer) makes it safe for sensitive documents to be printed via a wired or wireless network. Xerox, for instance, has taken MFP security a step further by including McAfee Embedded Control technology which uses application whitelisting technology to protect its devices from corrupt software and malware. Through an alliance with Cisco, Xerox enables customers to simplify print and network infrastructure management, improve business processes results and reduce overall costs. This alliance extends Cisco’s Borderless Network Architecture by adding Xerox’s market-leading managed print services and cloud computing offerings.
Implementing access controls through secure printing ensures that only authorised users can access MFP device functionality. Also known as PIN and pull printing, print jobs can be saved electronically on the device, or on an external server, until the authorised user is ready to print them. The user provides a PIN code or uses an alternative authentication method such as a swipe card, proximity card or fingerprint.
Monitor and audit
Print environments are often a complex and diverse mix of products and technologies, further complicating the task of understanding what is being printed, scanned and copied where and by whom. SMBs should use centralized print management tools to monitor and track all MFP related usage. This can either be handled in-house or through an MPS provider.
There still remains gaping holes in the print security of many organizations. Adopting an integrated approach to print security that leverages the expertise of an MPS provider, SMBs can ensure that its most valuable asset – data – is protected. Leaving print security off the table, is a sure-fire way to increase the chance of a data breach. SMBs have to get to grips with print security because increasingly, compliance and data protection are high on the agenda of large businesses.
Consequently SMBs must be able to demonstrate compliance and should turn to expert partners, such as MPS providers to help them navigate the print security landscape. With security attacks continuing to become more sophisticated security is no longer a concern only for large enterprises. As attacks become more prevalent among SMBs, they can no longer afford to be complacent.
Subscribe to the Small Business Solutions Blog and receive updates when we publish a new article. [wysija_form id=”1″]